
What is claimed is: 

An integrated security gateway apparatus interfacing 
wi£k an internal network and an external network for 
blockohg a selected packet from the internal network or 
external network, comprising : 

a packet duplicating module for receiving and 
duplicating anNlncoming packet from one of the internal and 
external networks ; 

a black zone server coupled to the packet duplicating 
module for analyzing thevduplicated packet; and 

an inspection engine \coupled to the packet duplicating 
module and the block zone seVer for inspecting whether the 
received incoming packet corresponds to said selected packet 
to be blocked based on the analysis\in the block zone server, 
wherein said black zone server \erves as at least one 
of an intrusion detection system, an antivirus system and a 
noxious site blocking system. 

2. The apparatus of claim 1, wherein the external network 
is the Internet. 

3. The apparatus of claim 1, wherein said internal 
network is a local area network. 

4. The apparatus of claim 1, further comprising 

encrypting/decrypting means for encrypting the received 
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incoming packet if said received packet is from the internal 
network to the external network and decrypting otherwise. 

5. The apparatus of claim 4, wherein said 
encrypting/decrypting means uses different keys depending on 
the source and the destination of the received packet. 

A networking system consisting of at least one 
"internal network and an external network, comprising: 

an integrated security gateway interfacing with said 
at least one internal network and said external network for 
receiving and duplicating an incoming packet from one of the 
internal and external networks; and 

a black zone server coupled to the integrated security 
gateway for analyzing the duplicating packet, 

said integrated security gateway inspecting whether 
the received incoming packet is to be denied based on the 
analysis in the black zone server. 

7. The system of claim 6, wherein the external network is 
the Internet . 

8. The system of claim 6, wherein said internal network 
is a local area network. 



9. The system of claim 6, wherein said integrated 



security gateway encrypts the received packet if said 
received packet is from the internal network to the external 
network and decrypts otherwise. 

10. The system of claim 9, wherein said integrated 
security gateway uses different keys depending on the source 
and the destination of the received packet. 



